Security

Organizations are under relentless attack, and security breaches happen every day. A global community of attackers creates advanced malware and launches it via multi-faceted attacks and through multiple attack vectors into organizations of all sizes. These increasingly costly attacks against organiz…

Protecting data, maintaining compliance, and enabling the business is a balancing act. Put too many controls in place and you inhibit workflow. Rely exclusively on traditional security tools and you lack the visibility to detect and respond to advanced attacks quickly. The industrialization of hacki…

Today, we released the first ever Cisco IOS Software and IOS XE Software Security Advisory Bundled Publication. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year). In direct response to your feedback, we ha…

This blog post was authored by Troy Fridley and Omar Santos of Cisco PSIRT. On Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row Hammer”. Row Hammer is an industry-wide issue tha…

Recognizing the critical need for state and local law enforcement agencies to have state-of-the art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower those working to protect our communities from cyb…

In the first of a two-part blog series, The Seven Deadly Sins of User Access Controls, my colleague Jean Gordon Kocienda provided fresh insights into overly-permissive user access controls as a common underlying cause of data breaches. In this blog, I address the solutions to those “Seven Dead…

2014 was a terrible year for corporate data breaches. If there is to be any silver lining, information security professionals must draw lessons from the carnage. A good place to start is to identify common denominators. Several of the most damaging incidents started with phishing emails into office…

The portals that your employees and guests use for enterprise mobility and guest access are a reflection of your company brand and putting your best foot forward means customizing them for a better user experience. The challenge is that customization often requires someone with knowledge of HTML, Ja…

Registration is now open for the upcoming FIRST Technical Colloquium May 4-6, 2015 at Cisco Systems in Amsterdam, Netherlands. Please contact us at amsterdam-tc@first.org for any questions. The event already has an exciting preliminary program covering: Attacks Against Cloud Server Honeypots Emergi…